CVE-2020-10962

In PowerShell App Deployment Toolkit aka PSAppDeployToolkit through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local access...

EUVD-2020-3364

Malware in sbrugna...

CVE-2022-34829

Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service application restart via a crafted payload to the Mobile App Deployment API...

The vulnerability of the registration method for mobile devices and the deployment of mobile applications via Splunk Secure Gateway, a platform for operational analysis in Splunk Enterprise, stems from insufficient protection of sensitive data. This vulnerability allows attackers to gain unauthorized access to protected information.

The vulnerability of the mobile device registration and mobile application deployment mechanism of Splunk Secure Gateway, a platform for operational analytics in Splunk Enterprise, is related to insufficient protection of sensitive data due to improper access control to the KV Store Key Value...

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2023-5408)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes API server that may allow an attacker to modify restricted node labels and bypass the node restriction admission plugin CVE-2023-5408. Vulnerability Details CVEID: CVE-2023-5408 Description: OpenShift...

PowerShell App Deployment Toolkit Security Vulnerability

PowerShell App Deployment Toolkit is a versatile, reusable and extensible tool replacement for WiseScript, VBScript and Batch wrapper scripts from the PowerShell App Deployment Toolkit team. A security vulnerability exists in PowerShell App Deployment Toolkit 3.8.0 and prior versions, which stems...

PT-2023-11450 · Microsoft · Powershell App Deployment Toolkit

Name of the Vulnerable Software and Affected Versions: PowerShell App Deployment Toolkit versions prior to 3.8.1 Description: The issue is related to an incorrect access control vulnerability in the default configuration, which may allow an authenticated user to potentially enable escalation of...

CVE-2020-10962

In PowerShell App Deployment Toolkit aka PSAppDeployToolkit through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local access...

Get-AppLockerEventlog - Script For Fetching Applocker Event Log By Parsing The Win-Event Log

This script will parse all the channels of events from the win-event log to extract all the log relatives to AppLocker. The script will gather all the important pieces of information relative to the events for forensic or threat-hunting purposes, or even in order to troubleshoot. Here are the log...

io.quarkiverse.cxf:quarkus-cxf-deployment (=1.6.0), io.quarkiverse.cxf:quarkus-cxf-rt-features-logging-deployment (=1.6.0) +95 more potentially affected by CVE-2022-4116 via io.quarkus:quarkus-vertx-http-deployment (>=2.14.0.CR1 <=2.14.1.Final)

io.quarkus:quarkus-vertx-http-deployment MAVEN version =2.14.0.CR1, =2.14.1.Final is affected by a known vulnerability. The following packages have a transitive dependency on io.quarkus:quarkus-vertx-http-deployment and may be impacted: - io.quarkiverse.cxf:quarkus-cxf-deployment =1.6.0 -...

CVE-2022-34829

Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service application restart via a crafted payload to the Mobile App Deployment API...

CVE-2022-34829

Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service application restart via a crafted payload to the Mobile App Deployment API...

CVE-2022-34829

Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service application restart via a crafted payload to the Mobile App Deployment API...

Code injection

Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service application restart via a crafted payload to the Mobile App Deployment API...

EUVD-2022-37735

Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service application restart via a crafted payload to the Mobile App Deployment API...

CVE-2022-34829

Zoho ManageEngine ADSelfService Plus before 6203 allows a denial of service application restart via a crafted payload to the Mobile App Deployment API...

Citrix Endpoint Management (aka XenMobile Server) 10.13.0 Rolling Patch 2

Package name:xms10.13.0.10212.bin For: XenMobile Server 10.13.0 Deployment type: On-premises only Replaces:xms10.13.0.10129.bin Date:February, 2021 Languages supported:English US Readme version:1.00 Readme Revision History Version| Date| Change Description ---|---|--- 1.00| February, 2021| Initia...

PT-2019-2607 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to an elevation of privilege vulnerability in the Windows AppX Deployment Service AppXSVC due to improper handling of hard links. This vulnerability can be...

Malicious MDM: Let's Hide This App

This blog post is authored by Warren Mercer and Paul Rascagneres with contributions from Nick Biasini Summary Since our initial discovery of a malicious mobile device management MDM platform that was loading fake applications onto smartphones, we have gained greater insight into the attacker's...

Hot or Not? The Benefits and Risks of iOS Remote Hot Patching

Introduction Apple has made a significant effort to build and maintain a healthy and clean app ecosystem. The essential contributing component to this status quo is the App Store, which is protected by a thorough vetting process that scrutinizes all submitted applications. While the process is...